The ABB Cylon FLXeon BACnet controller is vulnerable to an unauthenticated WebSocket implementation that allows an attacker to execute the tcpdump command. By exploiting this vulnerability, an attacker can launch multiple instances of tcpdump, leading to resource exhaustion, denial of service (DoS) conditions, and potential data exfiltration. The lack of authentication on the WebSocket interface enables unauthorized users to continuously spawn new tcpdump processes, escalating the impact of the attack.
This exploit targets a race condition in the signal handler of OpenSSH's server (sshd) specifically on glibc-based Linux systems. By exploiting a vulnerability where the SIGALRM handler invokes async-signal-unsafe functions, it allows for remote code execution as root.
The code-projects Online Exam Mastering System 1.0 is prone to a Reflected Cross-Site Scripting (XSS) vulnerability in the 'q' parameter of feedback.php. This issue occurs because the application does not properly sanitize user-supplied input, enabling an attacker to execute arbitrary JavaScript code.
NagVis version 1.9.33 is vulnerable to an arbitrary file read exploit. An attacker can read arbitrary files on the system by sending a crafted request to the '/nagvis/server/core/ajax_handler.php' endpoint with a file path parameter. This vulnerability has been assigned CVE-2022-46945.
The exploit allows an attacker to perform SQL injection in PandoraFMS version 7.0NG.772. By manipulating certain parameters, an attacker can inject malicious SQL queries, potentially gaining unauthorized access to the database. This vulnerability has been assigned CVE-2023-44088.
An authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager API allows unauthorized access to a selected account. By exploiting this vulnerability, an attacker can add an SSH key to the authorized_keys file of the chosen account, enabling them to log in to the system with that account. Successful exploitation can lead to remote code execution.
The Aztech DSL5005EN router/modem allows an attacker to change the admin password without authentication, by sending a crafted HTTP request to the 'sysAccess.asp' endpoint. This could lead to unauthorized access and control of the device.
An authenticated attacker can access critical information via the system logs page of ABB Cylon FLXeon controllers, including the OpenSSL password for stored certificates. This data exposure can lead to potential attacks like decrypting encrypted communications, impersonation, or gaining deeper system access.
The Netman 204 device is vulnerable to unauthorized access and command injection. Attackers can exploit this vulnerability to execute remote commands without authentication. By using specific URLs, attackers can access different panels with default or backdoor credentials, allowing them to view critical information and perform actions without proper authorization.
The Extensive VC Addons plugin for WPBakery page builder before 1.9.1 allows remote attackers to execute arbitrary commands via crafted input. An attacker can leverage this vulnerability to perform various malicious activities like reading sensitive files or executing system commands remotely. This vulnerability is identified as CVE-2023-0159.
Services By CQR